Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
Summary
Microsoft released two open-source tools to help developers test AI agent security during development. RAMPART is a testing framework (built on PyRIT, Microsoft's earlier red-teaming tool) that lets developers write test cases to find safety problems such as cross-prompt injection (untrusted data reaching the model indirectly, through sources like emails or files the agent processes) and data exfiltration (unauthorized leakage of data). Clarity is a planning tool that guides developers through design decisions early in a project, before coding begins, so potential issues can be addressed cheaply rather than fixed later.
Solution / Mitigation
Microsoft provides RAMPART and Clarity as open-source tools. According to the source: RAMPART is 'a Pytest-native safety and security testing framework for writing and running safety and security tests for AI agents' that 'evaluates the outcome of those tests and reports the results.' Clarity helps developers 'arrive at the right approach even before writing a single line of code' by 'guiding them through problem clarification, solution exploration, failure analysis, and decision tracking.' Microsoft states that using these tools 'move[s] AI safety from a one-time review to a set of living artifacts that developers can use throughout the lifecycle.'
Classification
Affected Vendors
Related Issues
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
Original source: https://thehackernews.com/2026/05/microsoft-open-sources-rampart-and.html
First tracked: May 20, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 92%